CVE-2006-0323

RealPlayer 10.5 (6.0.12.1040-1348) - SWF Buffer Overflow (PoC)

Severity Score

9.3

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Buffer overflow in swfformat.dll in multiple RealNetworks products and versions including RealPlayer 10.x, RealOne Player, Rhapsody 3, and Helix Player allows remote attackers to execute arbitrary code via a crafted SWF (Flash) file with (1) a size value that is less than the actual size, or (2) other unspecified manipulations.

Desbordamiento de buffer en swfformat.dll en múltiples productos y versiones RealNetworks incluyendo RealPlayer 10.x, RealOne Player, Rhapsody 3 y Helix Player permite a atacantes remotos ejecutar código arbitrario a través de un archivo SWF (Flash) manipulado con (1) un valor de tamaño que es menor que el tamaño real o (2) otras manipulaciones no especificadas.

*Credits: N/A

CVSS Scores

NISTv2 9.3

Attack Vector

Network

Attack Complexity

Medium

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2006-01-19 CVE Reserved
2006-03-23 CVE Published
2006-03-23 First Exploit
2024-07-12 EPSS Updated
2024-08-07 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CAPEC

References (19)

URL	Tag	Source
http://securityreason.com/securityalert/690	Third Party Advisory
http://securitytracker.com/id?1015806	Vdb Entry
http://www.securityfocus.com/archive/1/430621/100/0/threaded	Mailing List
http://www.vupen.com/english/advisories/2006/1057	Vdb Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/25408	Vdb Entry

URL	Date	SRC
https://www.exploit-db.com/exploits/1622	2006-03-28
https://www.exploit-db.com/exploits/27460	2006-03-23
http://www.securityfocus.com/bid/17202	2024-08-07

URL	Date	SRC
http://secunia.com/advisories/19362	2018-10-19
http://secunia.com/advisories/19365	2018-10-19
http://www.gentoo.org/security/en/glsa/glsa-200603-24.xml	2018-10-19
http://www.kb.cert.org/vuls/id/231028	2018-10-19
http://www.novell.com/linux/security/advisories/2006_18_realplayer.html	2018-10-19
http://www.redhat.com/support/errata/RHSA-2006-0257.html	2018-10-19
http://www.service.real.com/realplayer/security/03162006_player/en	2018-10-19

URL	Date	SRC
http://secunia.com/advisories/19358	2018-10-19
http://secunia.com/advisories/19390	2018-10-19
https://access.redhat.com/security/cve/CVE-2006-0323	2006-03-22
https://bugzilla.redhat.com/show_bug.cgi?id=1617883	2006-03-22

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Realnetworks Search vendor "Realnetworks"		Helix Player Search vendor "Realnetworks" for product "Helix Player"				*		-		Affected
Realnetworks Search vendor "Realnetworks"		Realone Player Search vendor "Realnetworks" for product "Realone Player"				*		-		Affected
Realnetworks Search vendor "Realnetworks"		Realplayer Search vendor "Realnetworks" for product "Realplayer"				10.0 Search vendor "Realnetworks" for product "Realplayer" and version "10.0"		gold		Affected
Realnetworks Search vendor "Realnetworks"		Realplayer Search vendor "Realnetworks" for product "Realplayer"				10.0.6 Search vendor "Realnetworks" for product "Realplayer" and version "10.0.6"		-		Affected
Realnetworks Search vendor "Realnetworks"		Realplayer Search vendor "Realnetworks" for product "Realplayer"				10.5 Search vendor "Realnetworks" for product "Realplayer" and version "10.5"		-		Affected
Realnetworks Search vendor "Realnetworks"		Rhapsody Search vendor "Realnetworks" for product "Rhapsody"				3 Search vendor "Realnetworks" for product "Rhapsody" and version "3"		-		Affected